<?php
include("../includes/db.php");
include("../includes/config.php");
if (isset($_COOKIE["user"]))
{
$query = "SELECT * FROM users WHERE status='2'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
if ($_COOKIE["user"] == $row['username'])
{
if ($_COOKIE["pass"] ==  $row["password"])
{
$caption = "Administration Panel";
include("../includes/head.php");
$get_config = "SELECT * FROM config";
$config_result = mysql_query($get_config);
while ($row = mysql_fetch_array($config_result)) {
$site_name = $row['site_name'];
$site_motto = $row['site_motto'];
$site_foot = $row['site_foot'];
$site_url = $row['site_url'];
?>
<? 
	include("../includes/nav.php");
?>
<body>
	<form method="post" action="">
		<table border="0" align="center">
			<tr>
				<td colspan="2">
					<center>
						Site Config
					</center>
					<hr>
				</td>
			</tr>
			<tr>
				<td>
					<label>
						Site Name:
					</label>
				</td>
				<td>
					<?
						echo "<input name='site_name' type='text' value='$site_name'>"; 
					?>
				</td>
			</tr>
			<tr>
				<td>
					<label>
						Site Motto:
					</label>
				</td>
				<td>
					<?
						echo "<input name='site_motto' type='text' value='$site_motto'>"; 
					?>
				</td>
			</tr>
				<td>
					<label>
						Site URL:
					</label>
				</td>
				<td>
					<?
						echo "
							<input name='site_url' type='text' value='$site_url'>"; 
					?>
				</td>
			</tr>
			<tr>
				<td>
					<label>
						Site Footer: 
					</label>
				</td>
				<td>
					<?
						echo "<input name='site_foot' type='text' value='$site_foot'>"; 
					?>
				</td>
			</tr>
			<tr>
				<td colspan="2">
					<div align="center">
						<input name="submit" type="submit" value="Submit">
					</div>
					<table border="0" align="center">
						<tr>
							<td colspan="2">
								<br>
								<center>
									Users
								</center>
								<hr>
							</td>
						</tr>
						<tr>
							<td>
								<label>
									User: 
								</label>
								<select name="users">
<?PHP
	$query = "SELECT * FROM users";
	$result = mysql_query($query);
	while ($row = mysql_fetch_array($result)) 
	{
?>
									<option value="<? echo $row['username']; ?>">
<?PHP 
	echo $row['username'];
	}
?>
									</option>
								</select>
							</td>
						</tr>
						<tr>
							<td>
								<label>
									Status:
								</label>
								<input type="text" name="status">
							</td>
						</tr>
						<tr>
							<td>
								<input type="submit" name="change_status" value="Update">
							</td>
						</tr>
						<tr>
							<td>
								<input type="submit" name="del_user" value="Delete">
							</td>
						</tr>
					</table>
				</td>
			</tr>
		</table>
	</body>
<?php
include("../includes/foot.php");
$user = $_POST['users'];
$status= $_POST['status'];
if ($_POST['change_status'] == "Update")
{
	$update= "UPDATE users SET status='$status' WHERE username='$user'";	
	mysql_query($update) or die(mysql_error());
	echo "$user has been updated!";
}
if ($_POST['del_user'] == "Delete")
{
	$del = "DELETE FROM users WHERE username='$user'";
	mysql_query($del) or die(mysql_error());
	echo "User Deleted";
}
if ($_POST['submit'] == "Submit")
{
	$site_url = $_POST['site_url'];
	$site_name = $_POST['site_name'];
	$site_foot = $_POST['site_foot'];
	$site_motto = $_POST['site_motto'];
	$submit = $_POST['submit'];
	$query = "UPDATE config SET site_name='$site_name', site_motto='$site_motto', site_foot='$site_foot', site_url='$site_url'";

	mysql_query($query) or die(mysql_error());
	echo "Configuration Saved!";
}
}
}
}
}
}
else
{
	echo "<b>Access Denied</b>";
}
?>
